1. Who we are
Dr Hanin Clinic (“we”, “us”) provides medical aesthetic services, training courses, and cosmetic products in London (UK) and Cairo (Egypt). This policy explains how we collect and use personal data under UK GDPR and applicable Egyptian data protection law.
2. Data we collect
- Account & contact: name, email, phone, password (hashed), appointment and order details.
- Clinical enquiries: treatment interest, messages, preferred location and time.
- Orders: delivery address, items purchased, payment method (cash on delivery), order tracking number.
- Technical: essential cookies for language preference, cart, authentication, and consent choice.
3. How we use your data
We process data to book consultations, fulfil product orders, manage course enrollments, send appointment/order updates by email, operate our website, prevent fraud, and comply with legal obligations. Marketing messages are sent only where you have opted in.
4. Legal bases
Contract (orders & appointments), legitimate interests (clinic operations, security), consent (non-essential cookies/marketing where applicable), and legal obligation (tax/health records where required).
5. Sharing & retention
We do not sell personal data. We may share data with payment/delivery partners, email providers, and IT hosts under strict confidentiality. Medical records are retained per professional regulatory requirements; order data typically up to 7 years; marketing consent until withdrawn.
6. International transfers
Data may be processed in the UK, Egypt, or EEA-equivalent hosting. Appropriate safeguards are applied for cross-border transfers.
7. Your rights
You may request access, correction, erasure, restriction, portability, or object to processing. Contact us via the website contact form. You may complain to the UK ICO or the Egyptian data protection authority.
8. Contact
Privacy enquiries: contact the clinic or email the address shown on your order confirmation.